Add sprig template library

go.mod

@@ -1,6 +1,8 @@
 module github.com/ory/oathkeeper
 
 require (
+	github.com/Masterminds/goutils v1.1.0 // indirect
+	github.com/Masterminds/sprig v2.20.0+incompatible
 	github.com/Microsoft/go-winio v0.4.12 // indirect
 	github.com/asaskevich/govalidator v0.0.0-20180720115003-f9ffefc3facf
 	github.com/auth0/go-jwt-middleware v0.0.0-20170425171159-5493cabe49f7
@@ -28,6 +30,8 @@ require (
 	github.com/google/uuid v1.1.1
 	github.com/gorilla/handlers v1.4.0 // indirect
 	github.com/gorilla/mux v1.7.1 // indirect
+	github.com/huandu/xstrings v1.2.0 // indirect
+	github.com/imdario/mergo v0.3.7 // indirect
 	github.com/jessevdk/go-flags v1.4.0 // indirect
 	github.com/julienschmidt/httprouter v1.2.0
 	github.com/lib/pq v1.0.0

go.sum

@@ -8,7 +8,12 @@ github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX
 github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
+github.com/Masterminds/goutils v1.1.0 h1:zukEsf/1JZwCMgHiK3GZftabmxiCw4apj3a28RPBiVg=
+github.com/Masterminds/goutils v1.1.0/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU=
+github.com/Masterminds/semver v1.4.2 h1:WBLTQ37jOCzSLtXNdoo8bNM8876KhNqOKvrlGITgsTc=
 github.com/Masterminds/semver v1.4.2/go.mod h1:MB6lktGJrhw8PrUyiEoblNEGEQ+RzHPF078ddwwvV3Y=
+github.com/Masterminds/sprig v2.20.0+incompatible h1:dJTKKuUkYW3RMFdQFXPU/s6hg10RgctmTjRcbZ98Ap8=
+github.com/Masterminds/sprig v2.20.0+incompatible/go.mod h1:y6hNFY5UBTIWBxnzTeuNhlNS5hqE0NB0E6fgfo2Br3o=
 github.com/Microsoft/go-winio v0.4.11/go.mod h1:VhR8bwka0BXejwEJY73c50VrPtXAaKcyvVC4A4RozmA=
 github.com/Microsoft/go-winio v0.4.12 h1:xAfWHN1IrQ0NJ9TBC0KBZoqLjzDTr1ML+4MywiUOryc=
 github.com/Microsoft/go-winio v0.4.12/go.mod h1:VhR8bwka0BXejwEJY73c50VrPtXAaKcyvVC4A4RozmA=
@@ -374,6 +379,10 @@ github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=
 github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
 github.com/hpcloud/tail v1.0.0 h1:nfCOvKYfkgYP8hkirhJocXT2+zOD8yUNjXaWfTlyFKI=
 github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
+github.com/huandu/xstrings v1.2.0 h1:yPeWdRnmynF7p+lLYz0H2tthW9lqhMJrQV/U7yy4wX0=
+github.com/huandu/xstrings v1.2.0/go.mod h1:DvyZB1rfVYsBIigL8HwpZgxHwXozlTgGqn63UyNX5k4=
+github.com/imdario/mergo v0.3.7 h1:Y+UAYTZ7gDEuOfhxKWy+dvb5dRQ6rJjFSdX2HZY1/gI=
+github.com/imdario/mergo v0.3.7/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
 github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM=
 github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
 github.com/jackc/fake v0.0.0-20150926172116-812a484cc733/go.mod h1:WrMFNQdiFJ80sQsxDoMokWK1W5TQtxBFNpzWTD84ibQ=

pipeline/mutate/mutator_cookie_test.go

@@ -135,6 +135,26 @@ func TestCredentialsIssuerCookies(t *testing.T) {
 				},
 				Err: nil,
 			},
+			"Advanced template with sprig function": {
+				Session: &authn.AuthenticationSession{
+					Subject: "foo",
+					Extra: map[string]interface{}{
+						"example.com/some-claims": []string{"Foo", "Bar"},
+					},
+				},
+				Rule: &rule.Rule{ID: "test-rule9"},
+				Config: json.RawMessage([]byte(`{"cookies":{
+					"example-claims": "{{- (index .Extra \"example.com/some-claims\") | join \",\" -}}"
+				}}`)),
+				Request: &http.Request{Header: http.Header{}},
+				Match: []*http.Cookie{
+					{
+						Name:  "example-claims",
+						Value: "Foo,Bar",
+					},
+				},
+				Err: nil,
+			},
 		}
 
 		t.Run("caching=off", func(t *testing.T) {

pipeline/mutate/mutator_header_test.go

@@ -123,6 +123,23 @@ func TestCredentialsIssuerHeaders(t *testing.T) {
 				Match:   http.Header{},
 				Err:     errors.New(`json: unknown field "bar"`),
 			},
+			"Advanced template with sprig function": {
+				Session: &authn.AuthenticationSession{
+					Subject: "foo",
+					Extra: map[string]interface{}{
+						"example.com/some-claims": []string{"Foo", "Bar"},
+					},
+				},
+				Rule: &rule.Rule{ID: "test-rule9"},
+				Config: json.RawMessage([]byte(`{"headers":{
+					"Example-Claims": "{{- (index .Extra \"example.com/some-claims\") | join \",\" -}}"
+				}}`)),
+				Request: &http.Request{Header: http.Header{}},
+				Match: http.Header{
+					"Example-Claims": []string{"Foo,Bar"},
+				},
+				Err: nil,
+			},
 		}
 
 		t.Run("cache=disabled", func(t *testing.T) {

pipeline/mutate/template.go

@@ -3,6 +3,8 @@ package mutate
 import (
 	"fmt"
 	"text/template"
+
+	"github.com/Masterminds/sprig"
 )
 
 func newTemplate(id string) *template.Template {
@@ -16,5 +18,6 @@ func newTemplate(id string) *template.Template {
 				}
 				return fmt.Sprintf("%v", i)
 			},
-		})
+		}).
+		Funcs(sprig.TxtFuncMap())
 }